
...A trojan...? --- PLEASE HELP!

kyu_chan

the REAL nightmare begins
Joined
Nov 20, 2004
Messages
260
Gender
Female
HSC
2005
I was on... listening to music... and suddenly, there's a voice saying "Oooh, could it possibly be email for you?" And the like... I closed ALL programs and still, it spoke.

Can somebody please tell me what's wrong and how to fix it? My friend tried to help me fix it, but he couldn't.. and suggested it was some trojan ;__;

*Freaked out*

Please, any sort of help is appreciated, and I thank you in advance!
 

p-unit

Member
Joined
Mar 13, 2006
Messages
62
Gender
Undisclosed
HSC
2004
Is there a dancing guy on your desktop when the sound is on?
I had one, it was messy.
 

kyu_chan

Nothing was on the screen... just talking from my mic O_O
 

p-unit

Get a good antivirus, the free ones don't work.
Then update the antivirus.
Should work.
It will cost you though.
 

kyu_chan

You suppose it's a virus..? Would it spread to my comp and all?

I'm worried ><
 

struth

Member
Joined
Mar 8, 2006
Messages
37
Gender
Male
HSC
2006
It sounds more like spam/an ad. When you said you closed all programs, did you do it through CTRL + ALT + DEL and then Processes? Or did you just close them from the task bar?

In my experience, the free anti-virus programs work just as well as the brand-name ones. In fact, the free version of AVG made me toss out my almost $80 Norton Suite.

Although it's best to check that your anti-virus software is up to date, it's not likely to stop those annoying ads.. you'll need something along the lines of Ad-Aware or SpyBot Search & Destroy. They're both very good programs, and both of them are free.

You can grab them from www.download.com
 

kyu_chan

I'm downloading a Norton right now... taking me 3 hours+ and another 10 mins more... Ads shouldn't ruin my files, would they *hopeful*

I closed them through quitting programs... not with control ALT DEL

I had and have both Spybot and Ad-Aware... just sitting there... I keep running Spybot but every time I run it, there's 5 new ones again... I should start running Ad-Aware right now though, because I haven't already.

Thanks for the replies, p-unit and struth.

p.s. Suppose though, what do you suggest I do if Spybot, anti-virus and Ad-Aware wouldn't work... T~T
 

insert-username

Wandering the Lacuna
Joined
Jun 6, 2005
Messages
1,226
Location
NSW
Gender
Male
HSC
2006
Don't waste your time with Norton - in software terms, it's fat, useless, and slow. AVG is leaner, faster, and much, much cheaper (i.e. free). You can get it from http://free.grisoft.com/.

Anyways, download and install it, update it, and scan your entire system and it's odds on you'll be free of nasties. Ad-aware and Spybot won't go astray either. If that trio can't fix your computer, it's usually beyond help - they're all excellent programs.


I_F
 

mr_brightside

frakfrakfrakcackmackshack
Joined
Jan 29, 2005
Messages
1,678
Location
Sydney
Gender
Male
HSC
2005
Norton?

more like takescontroloveryourentirecomputerandisreallyshitatfindingshit
 

kyu_chan

I'll try your tip later on tonight *was procrastinating bigtime*

And thanks so much for your assistance! I'm grateful ^^
 

kyu_chan

I did one, but my friend said there are no seemingly obvious nasties on it... Here it is~ T.T

Logfile of HijackThis v1.99.1
Scan saved at 3:53:32 PM, on 2/04/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\Office Mouse\moffice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Office Mouse\MOUSE32A.DAT
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/mail/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB001" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Office Mouse\moffice.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
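
Added example, not part of the original post: a small Python triage pass over the HijackThis log format shown above, run on a few lines excerpted from that log. The three review heuristics (non-.exe process image, autorun command without a full path, entry marked "file missing") are assumptions chosen for illustration, not HijackThis's own rules, and a flag means "look at this by hand", not "this is malware".

```python
import re

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")           # e.g. "O4 - ..."
RUN_KEY = re.compile(r"^HK\w+\\\.\.\\Run\w*: \[[^\]]*\] (.*)$")
FULL_PATH = re.compile(r'^"?[A-Za-z]:\\')                 # drive-letter path

# Lines excerpted from the log posted above (shortened for the example).
SAMPLE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Office Mouse\moffice.exe
C:\Program Files\Office Mouse\MOUSE32A.DAT

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/mail/
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
"""

def parse_log(text):
    """Split a log into (running process paths, [(section code, body)])."""
    processes, entries, in_procs = [], [], False
    for line in map(str.strip, text.splitlines()):
        m = ENTRY.match(line)
        if line == "Running processes:":
            in_procs = True
        elif m:
            in_procs = False                 # process list ends at first entry
            entries.append((m.group(1), m.group(2)))
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def triage(text):
    """Return (reason, item) pairs worth a manual look; these are not verdicts."""
    processes, entries = parse_log(text)
    findings = [("process image is not .exe", p)
                for p in processes if not p.lower().endswith(".exe")]
    for code, body in entries:
        run = RUN_KEY.match(body) if code == "O4" else None
        if run and not FULL_PATH.match(run.group(1)):
            findings.append(("autorun command has no full path", run.group(1)))
        if body.endswith("(file missing)"):
            findings.append(("registered file is missing", body))
    return findings

if __name__ == "__main__":
    for reason, item in triage(SAMPLE):
        print(f"{reason}: {item}")
```

Each flagged item is then checked by hand, for example by confirming where the file lives on disk and which installed product it belongs to.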
 

King Tut

Member
Joined
Mar 5, 2006
Messages
47
Gender
Male
HSC
N/A
mr_brightside said:
moffice.exe?
Yep, that process is alright. It's Microsoft Office.

Was it only that one time that it happened (the voice)? or has it been continuously happening?

I'm guessing that it is possible you have been exposed to an external user accessing your computer (without you knowing) and having a little fun with you. On the other hand, if it has been continuously happening it may be a trojan of some sort.

By the way, I have Norton AntiVirus and Internet Security, and although it's not that great with adware, I've never had a problem with detecting and deleting viruses or trojans, and it's even pretty good with blocking any external users or organizations that try to access my computer :)
 
